diff options
Diffstat (limited to 'contrib/openbsm/CHANGELOG')
-rw-r--r-- | contrib/openbsm/CHANGELOG | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/contrib/openbsm/CHANGELOG b/contrib/openbsm/CHANGELOG new file mode 100644 index 0000000..846cbf9 --- /dev/null +++ b/contrib/openbsm/CHANGELOG @@ -0,0 +1,69 @@ +OpenBSM 1.0 + +- Import of Darwin74 BSM drop +- Use 'syslog' for audit log warnings, rather than echoing to a file in + audit_warn. +- Compile using BSD make infrastructure. +- Integrate bsm/ include files from Darwin74 XNU drop into OpenBSM. +- Narrow set of symbols and defines that are exposed in user space: don't + compile in code relying on kernel-only types such as 'struct socket'. +- Add README, including basic build documentation. +- Compilation of Apple-specific notify and Machroutines now #ifdef __APPLE__. +- Staticize libbsm global variables to avoid leakage into application. +- Add free_au_user_ent() so that au_user_ent's don't have to be leaked. +- Clean up bogus nul-termination checks in libbsm. +- Add libbsm API man pages: au_class.3 au_control.3 au_event.3 + au_free_token.3 au_io.3 au_mask.3 au_token.3 au_user.3 libbsm.3. +- Add man pages for BSM system calls: audit.2 auditctl.2 auditon.2 getaudit.2 + getauid.2 setaudit.2 setauid.2 +- Modify various libbsm interfaces to more consistently return 'errno' values + on failure. +- Break out au_close() into constituent parts, allowing records to be written + to memory as well as files. +- Prefix various defines with 'BSM_' to reduce name space pollution. +- Added audit_internal.h, which can be used by a kernel audit implementation + wanting to rely on libbsm components. +- Build with warnings, and eliminate warnings. +- Make libbsm endian-independent, storing and reading BSM are big endian + (network byte order) rather than native byte order. More consistently + print IP addresses using the IP address print routine. These changes + make use of sys/endian.h from *BSD; since this isn't present on Darwin, + add it to OpenBSM as compat/endian.h, which is used only on Darwin. +- Import of Darwin80 BSM drop, including 64-bit file IDs, better + documentation of private APIs, and bug fixes. +- White space cleanup. +- Add audit.log.5, a first cut at a man page documenting the BSM file format. +- Teach au_read_rec() to recognize stand-alone file tokens, which are present + at the beginning and end of Solaris audit trails. Technically, these + appear to violate the high level BSM spec, which suggests that all tokens + are present in records, but need to be supported. +- Implement HEADER64, ATTR64, SUBJECT64 token types, which make it possible + to run praudit(1) on basic Solaris BSM streams. +- Switched to Solaris spelling of token names; Darwin spellings are now + deprecated and will be removed in a future version of OpenBSM. +- Adopt Solaris model for representing IPv4 and IPv6 addresses. +- Prefer C99 types. +- Attempt to universally adopt the BSD style(9) coding style for + consistency. +- auditreduce(1) now has a usage message. +- Update support for auditctl(2) system call to support FreeBSD. +- Add support for /dev/audit as the trigger source on FreeBSD. +- Add additional event types for Darwin, FreeBSD, and Solaris. Annotate + conflicts (there are a few, unfortunately). Correct spellings, comment, + sort, etc. These include {get,set}res[ug]id(), sendfile(), lchflags(), + eaccess(), kqueue(), kevent(), poll(), lchmod(). +- Relicensed under a BSD license, many thanks to Apple, Inc! +- Many bug fixes, cleanups, thread safety in the class, control, event, + and user system audit databases. Annotate some persisting atomicity + bugs associated with the API and implementation. +- Add audump test tool. +- Adopt OpenSolaris BSM API memory semantics: caller allocates memory, + or static memory is returned for non-_r() versions of API calls. + _free() calls dropped as a result, and source code compatibility with + OpenSolaris improved significantly. +- Annotate BSM events with origin OS and compatibility information. +- auditd(8), audit(8) added to the OpenBSM distribution. auditd extended + to support reloading of kernel event table. +- Allow comments in /etc/security configuration files. + +$P4: //depot/projects/trustedbsd/openbsm/CHANGELOG#6 $ |